IN THE CLAIMS 
Please amend the claims as follows: 



1. (Currently Amended) Method A method for authenticating a 
first unit to a second unit , said method comprising the steps of: 

a) exchanging authentication data between said first unit and 
said second unit, said authentication data being retrieved from an 

5 authorioation authorization list comprising a list identifier— j_ 

b) checking the presence of the first unit on the 

authorization list; and 

fe-)-c) checking the authenticity v alidity of the authorioation 

authorization list and the origin of the authentication data from a 
10 valid authorioation liat using the list identifier received from the 
first unit and a list identifier stored in the second unit . 

2 . (Currently Amended) Method according to The method as 
claimed in claim 1, wherein authentication of said first unit is 
terminated if either of said otcp of checking steps fails. 

3 . (Currently Amended) Method according to The method as 
claimed in claim 1, wherein said first unit comprises an 
application unit including an application and said second unit 
comprises a security unit. 
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4 . (Currently Amended) Method according to The method as 
claimed in claim 3, wherein said authorioation authorization list 
comprises a certified application list comprising information about 
authorised authorized applications . 

5. (Currently Amended) Method according to The method as 
claimed in claim 4, 

wherein in said step a)_^ a certified public key of said 

application unit retrieved from said certified application list and 
5 a list identifier of said certified application list is transmitted 
from said application unit to said security unit, and 

wherein in said step be) said certified public key of said 

application unit and said list identifier of said certified 
application list is checked by said security unit. 

6. (Currently Amended) Method according to claim The method as 
claimed in claim 5, wherein said method further compriaing 
comprises the steps ofj^ 

bl) transmitting a certified public key of said security unit 

5 from said security unit to said application unit-?—; and 

b2) checking said certified public key of said security unit 

by said application unit against a certified security unit 
revocation list. 
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7. (Currently Amended) Method according to The method as 
claimed in claim 6, wherein said certified public keys are checked 
by use of a public key of a certification unit provided by said 
certification unit to said security unit and said application unit. 

8. (Currently Amended) Method according to The method as 
claimed in claim 5, wherein said certified application list is 
provided and updated by a certification unit. 

9. (Currently Amended) Method according to The method as 
claimed in claim 1, wherein said list identifier is distributed 
together with data carriers or from any of said first unit, second 
unit or said certification unit. 

10. (Currently Amended) Method A method for transmitting data 
securely over a transmission channel from a second unit to a first 
unit , said method comprising the steps of: 

a method for authenticating said first unit to said 

5 second unit according to as claimed in claim 1-, — further comprioing 
the otcpo of : 

ed) encrypting data to be transmitted using an encryption key 

by said second unit—; and 
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de) transmitting said encryption key and the encrypted data 

from said second unit to said first unit or determining said 
encryption key by said first and said second unit. 



11. (Currently Amended) Method according to The method as 
claimed in claim 10, wherein said authorioation authorization list 
is distributed together with said data to be transmitted, with data 
carriers, with application units or applications. 

12. (Currently Amended) Data A data transmission system for 
transmitting data securely over a transmission channel comprising: 

a) a first unit for transmitting authentication data from 
said first unit to said a second unit, said authentication data 

5 being retrieved from an authorioation authorization list comprising 
a list identifier-; — j_ 

b) a second unit for checking the authenticity of the 
authorioation authorization list and the origin of the 
authentication data from a valid authorioation authorization list 

10 and for transmitting said data over a transmission channel from 
said second unit to said first unit . 

13. (Currently Amended) Data The data transmission system 
according to as claimed in claim 12, wherein the second unit ie 
provido d comprises : 
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means for encrypting data to be transmitted using an 

5 encryption key-? — ; and 

means for transmitting said encryption key and said 

encrypted data from said second unit to said first unit or for 
determining said encryption key by said first and said second unit. 

14. (Currently Amended) Data The data transmission system 
according to as claimed in claim 12, wherein said data transmission 
system further compriaing comprises: 

a certification unit for providing a public key of said 

5 certification unit for checking said authentication data and for 
providing and updating said authorioation authorization list. 

15. (Currently Amended) Data The data transmission system 
according to as claimed in claim 12, wherein said data transmission 
system further compriaing comprises: 

a computer comprising a reading unit for reading a data 

5 carrier storing the data to be transmitted, 

wherein said first unit is part of said computer provided 

for running an application^ and 

wherein said second unit is part of said computer 

connected to or arranged in the reading unit provided for 
10 decrypting and re-encrypting data read from said data carrier. 
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16. (Currently Amended) Data A data transmission apparatus for 
transmitting data securely over a transmission channel comprising: 

a) a first unit for transmitting authentication data from 
said first unit to said second unit, said authentication data being 

5 retrieved from an authorisation authorization list comprising a 
list identifier— ; and 

b) a second unit for checking the authenticity of the 
authorisation authorization list and the origin of the 
authentication data from a valid authorisation authorization list, 

10 for encrypting data to be transmitted using an encryption key, and 
for transmitting said encryption key and said encrypted data from 
said second unit to said first unit or for determining an 
encryption key by said first and said second unit. 
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